Search CVE reports
171 – 180 of 42760 results
A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the `filter_safe_tarinfos` validation in `keras/src/utils/file_utils.py`. Specifically, symlink entries are not...
1 affected package
keras
| Package | 20.04 LTS |
|---|---|
| keras | Needs evaluation |
[GHSA-pjjp-65r7-ppgm: Out-of-bounds read and write in wrap_lines_measure]
1 affected package
libass
| Package | 20.04 LTS |
|---|---|
| libass | Needs evaluation |
[GHSA-5gf7-wjfm-vmvm: Out-of-bounds bit clears for negative Matroska ReadOrder values]
1 affected package
libass
| Package | 20.04 LTS |
|---|---|
| libass | Needs evaluation |
Not in release
A denial of service vulnerability exists in ASP.NET Core SignalR in .NET 8, .NET 9, and .NET 10. Stateful reconnect can be leveraged by an attacker to deny service to other users.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
[OnionShare Receive mode writes uploaded files even when file uploads are disabled]
1 affected package
onionshare
| Package | 20.04 LTS |
|---|---|
| onionshare | Needs evaluation |
[OnionShare follows symlinks in shared directories, allowing unintended disclosure of local files]
1 affected package
onionshare
| Package | 20.04 LTS |
|---|---|
| onionshare | Needs evaluation |
Not in release
An elevation of privilege vulnerability exists in Windows Presentation Foundation (WPF) in .NET 8, .NET 9, and .NET 10 when parsing specially crafted XAML input. An attacker who successfully exploits this vulnerability could...
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
A remote code execution vulnerability exists in Windows Presentation Foundation (WPF) in .NET 8, .NET 9, and .NET 10 when parsing specially crafted XAML input. An attacker who successfully exploits this vulnerability could execute...
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
A remote code execution vulnerability exists in Windows Presentation Foundation (WPF) in .NET 8, .NET 9, and .NET 10 when parsing specially crafted XAML input. An attacker who successfully exploits this vulnerability could execute...
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(),...
1 affected package
libcrypt-openssl-x509-perl
| Package | 20.04 LTS |
|---|---|
| libcrypt-openssl-x509-perl | Needs evaluation |